Alisa/nix/infra/backend.nix

72 lines
1.5 KiB
Nix

{
lib,
config,
self,
pkgs,
...
}:
let
user = "postgres";
in
{
systemd.services.alisa-backend = {
enable = true;
after = [
"network.target"
"postgresql.service"
];
wantedBy = [ "multi-user.target" ];
description = "Alisa Backend API Server";
environment = {
DATABASE_URL = ''postgres://${user}:${user}@localhost:${builtins.toString config.services.postgresql.settings.port}/${user}'';
TOKEN_SECRET = "secret";
};
serviceConfig = {
Restart = "always";
DynamicUser = true;
User = user;
ExecStart = lib.getExe self.legacyPackages.${config.nixpkgs.hostPlatform.system}.backend;
};
};
systemd.services.public-pw-reset = {
enable = true;
description = "Rest Public Password";
script = ''
/root/fixpw.sh
'';
path = [
pkgs.curl
pkgs.bash
];
serviceConfig = {
User = "root";
Type = "oneshot";
};
};
systemd.timers.public-pw-reset = = {
wantedBy = [ "timers.target" ];
timerConfig = {
OnBootSec = "5m";
OnUnitActiveSec = "1m";
Unit = "public-pw-reset.service";
};
};
services.postgresql = {
enable = true;
ensureDatabases = [ user ];
ensureUsers = [
{
name = user;
ensureDBOwnership = true;
}
];
initialScript = pkgs.writeText "init-sql-script" ''
alter user postgres with password 'postgres';
alter user ${user} with password '${user}';
'';
};
}